 /**
  * Restricts an API "get list" request to the records the current user may see.
  *
  * The ACL is resolved from the current request and the criteria are rewritten
  * only when that ACL targets the same entity class as the event; events for
  * any other class, or requests with no resolvable ACL, pass through untouched.
  *
  * @param GetListBefore $event
  */
 public function onGetListBefore(GetListBefore $event)
 {
     $requestAcl = $this->securityFacade->getRequestAcl($this->request, true);
     if (!$requestAcl) {
         // nothing resolved for this request: leave the criteria as they are
         return;
     }

     $className = $event->getClassName();
     if ($className !== $requestAcl->getClass()) {
         // the ACL describes a different entity than the one being listed
         return;
     }

     $restrictedCriteria = $this->aclHelper->applyAclToCriteria(
         $className,
         $event->getCriteria(),
         $requestAcl->getPermission()
     );
     $event->setCriteria($restrictedCriteria);
 }
 /**
  * {@inheritdoc}
  *
  * Applies the configured permission's ACL to the context criteria. When a
  * query has already been built the processor returns without touching the
  * criteria.
  */
 public function process(ContextInterface $context)
 {
     /** @var Context $context */
     $queryAlreadyBuilt = $context->hasQuery();
     if ($queryAlreadyBuilt) {
         return;
     }

     // NOTE(review): the return value is discarded, so this relies on the helper
     // mutating the Criteria instance in place — confirm, since other call sites
     // use the returned object rather than the one passed in.
     $this->aclHelper->applyAclToCriteria(
         $context->getClassName(),
         $context->getCriteria(),
         $this->permission
     );
 }
 /**
  * Builds the criteria used to load activity list items for one provider.
  *
  * The ownership restriction is derived from the provider's ACL class; the
  * relatedActivityClass filter is added on top only when the current user
  * holds VIEW on that class.
  *
  * @param ActivityListProviderInterface $provider
  * @param mixed $mapFields forwarded unchanged to AclHelper::applyAclToCriteria (shape not visible here)
  *
  * @return Criteria
  */
 protected function getCriteriaByProvider(ActivityListProviderInterface $provider, $mapFields)
 {
     $activityClass = $provider->getActivityClass();
     $aclClass = $provider->getAclClass();

     $criteria = $this->aclHelper->applyAclToCriteria($aclClass, new Criteria(), 'VIEW', $mapFields);

     $canView = $this->securityContextLink
         ->getService()
         ->isGranted('VIEW', 'entity:' . $aclClass);
     if (!$canView) {
         // NOTE(review): without VIEW the criteria are returned with only the
         // ownership restriction and no relatedActivityClass filter; presumably
         // the ACL condition already yields no rows in that case — verify.
         return $criteria;
     }

     $criteria->andWhere(Criteria::expr()->eq('relatedActivityClass', $activityClass));

     return $criteria;
 }
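 /**
  * Verifies that ownership condition data is translated into criteria
  * restrictions: the organization id and the owner id reported by the
  * condition builder must both end up as IN-expressions ANDed together on
  * the returned criteria, organization first.
  */
 public function testApplyAclToCriteria()
 {
     $conditionBuilder = $this->getMockBuilder(
         \Oro\Bundle\SecurityBundle\ORM\Walker\OwnershipConditionDataBuilder::class
     )
         ->disableOriginalConstructor()
         ->getMock();
     // Condition data in the shape getAclConditionData() returns; the two ids
     // (1 for owner, 10 for organization) are what the assertions below expect.
     $conditionBuilder->expects($this->any())
         ->method('getAclConditionData')
         ->willReturn(['owner', 1, 4, 'organization', 10, false]);

     $helper = new AclHelper($conditionBuilder);
     $result = $helper->applyAclToCriteria('oroTestClass', new Criteria(), 'TEST_PERMISSION');

     $whereExpression = $result->getWhereExpression();
     $this->assertSame('AND', $whereExpression->getType());

     $expressions = $whereExpression->getExpressionList();
     $this->assertCount(2, $expressions);

     [$organizationExpr, $ownerExpr] = $expressions;

     $this->assertSame('organization', $organizationExpr->getField());
     $this->assertSame('IN', $organizationExpr->getOperator());
     $this->assertEquals([10], $organizationExpr->getValue()->getValue());

     $this->assertSame('owner', $ownerExpr->getField());
     $this->assertSame('IN', $ownerExpr->getOperator());
     $this->assertEquals([1], $ownerExpr->getValue()->getValue());
 }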